Risk of Losing $25 Billion: Cybersecurity Experts Find 280 Flaws in Blockchains
Around 300 blockchain networks are at risk of losing $25bn or more in crypto assets due to “zero-day” exploits, according to cybersecurity firm Halborn. The firm was hired to assess the Dogecoin open source code for vulnerabilities and discovered exploitable critical weaknesses. Further evaluation revealed that these vulnerabilities also affected Zcash and Litecoin, as well as 280 other blockchain networks, putting $25bn in crypto at risk. The most critical flaw was Rab13s, allowing exploiters to send individual nodes compromised malicious consensus messages resulting in the node collapsing. As these messages accumulate, the blockchain becomes vulnerable to a 51% attack, allowing an exploiter to control most of the tokens staked on the network or its mining hash rate, which could result in the blockchain being taken offline or a new version being created. Halborn also found other vulnerabilities, such as cybercriminals using Remote Procedure Call requests to crash blockchain nodes. While the firm said at least one element per network was exploitable, not all networks were vulnerable due to codebase differences. Dogecoin, Litecoin and Zcash blockchains fixed the vulnerabilities Halborn found, but the firm warned hundreds of other networks may still be exposed to risk.